Skip to main content
CVE-2017-5689 CRITICAL POC KEV PATCH THREAT Act Now

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Privilege Escalation Intel
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
94.2%
Threat
7.8
CVE-2016-10243 CRITICAL POC PATCH THREAT Act Now

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.6%.

Information Disclosure Debian Linux Fedora Tex Live
NVD
CVSS 3.0
9.8
EPSS
10.6%
CVE-2017-7476 CRITICAL POC PATCH Act Now

Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Gnulib
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2017-6551 CRITICAL Act Now

Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Pexip Infinity
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2016-5006 CRITICAL Act Now

The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cloud Foundry Cloud Foundry Elastic Runtime
NVD
CVSS 3.0
9.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy